Josh Duggar is headed for a jury trial in the Ashley Madison lawsuit brought against him by a D.J. and model. The latter is claiming damages, after alleging Duggar family’s eldest child used his images on the adult website.

Los Angles-based D.J. Matthew McCarthy has alleged Josh Duggar stole his image for use on Ashley Madison and OkCupid to solicit sex. Josh’s actions reportedly brought him infamy and led to loss of work, People reported, while quoting from the lawsuit McCarthy filed. The D.J. further alleged that his “religious” family was hurt and the reality star’s actions were malicious and deliberate.

It seems quite the self-own: finding a more handsome person who strongly resembles but would never actually be mistaken for oneself, stealing their photo for use on Ashley Madison, then getting caught. Read the rest

On Wednesday, Brian Krebs, the well-known security blogger posited a new theory about who may have hacked the site, which helps arrange extramarital affairs. Mr. Krebs zeroed in on a Twitter user named Thadeus Zu (@deuszu), who posted a link to Ashley Madison’s stolen, proprietary source code before the information was made public this month.

Some apparent problems with this hypothesis have already been noted, but the operator of the @deuszu account is doing his or her best to look guilty.

I want @briankrebs to come forward and lay it down on my fucking face. Bring all that evidence and proof and we can have a public dialogue.

The world of Ashley Madison was a far more dystopian place than anyone had realized. This isn’t a debauched wonderland of men cheating on their wives. It isn’t even a sadscape of 31 million men competing to attract those 5.5 million women in the database. Instead, it’s like a science fictional future where every woman on Earth is dead, and some Dilbert-like engineer has replaced them with badly-designed robots.

Her examination of the dataset (generally described as representing about 37m accounts) is that there were perhaps 12,000 paying women users. Which means, of course, that very few of the paying male users were actually having affairs. Of that total, only 1,492 female-profile users ever checked their messages, compared to 20m men.

One thousand, four-hundred and ninety-two.

Ashley Madison employees did a pretty decent job making their millions of women’s accounts look alive. They left the data in these inactive accounts visible to men, showing nicknames, pictures, sexy comments. But when it came to data that was only visible on to company admins, they got sloppy. The women’s personal email addresses and IP addresses showed marked signs of fakery. And as for the women’s user activity, the fundamental sign of life online? Ashley Madison employees didn’t even bother faking that at all.

Here's what Ashley Madison is: a swizz. You pay up to "have an affair", you get strung along for a while, you realize the site is garbage, then you pay the "fee" to have your data deleted. Read the rest

“They did a very lousy job building their platform. I got their entire user base,” [Ashley Madison CTO Raja] Bhatia told [CEO Noel] Biderman via email, including in the message a link to a Github archive with a sample of the database. “Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.”

Neither Bhatia nor Biderman could be immediately reached for comment. KrebsOnSecurity.com spoke with Bhatia last week after the Impact Team made good on its threat to release the Ashley Madison user database. At the time, Bhatia was downplaying the leak, saying that his team of investigators had found no signs that the dump of data was legitimate,

Alas, it was for real. Ashley Madison charged its users to have their personal data wiped, but did not do so, and now that data is out in the wild. Read the rest

Raja Bhatia was the original CTO of Avid Media, Ashley Madison's parent company; in an email to Avid CEO Noel Biderman in the latest Ashley Madison dump, he hacked the back-end of Nerve, a competing dating site. Read the rest

Heather Havrilesky explains that the moralizing and schadenfruede around the leak has obscured what it means for everyone, even those of us who don't sign up to cheat on our partners: everyone has something to hide.

This isn't just a particularly suspenseful episode of Mr. Robot we're witnessing. The world is changing quickly, and real lives are being destroyed by the recklessness at play on civic, corporate, and individual levels. Every other day, there are new security breaches, and more private information is shared with strangers. Simply proclaiming that all of our secrets will be revealed, or naïvely asserting that you have nothing to hide — this is the behavior of citizens who don’t know history, or who've surrendered completely to a modern sense of learned helplessness, or who simply don't care about protecting the weakest or the most vulnerable among us. Yes, that includes cheaters. It includes all of us. We are all vulnerable now. We are all at risk.

Self-proclaimed Ashley Madison hackers the Impact Team today released what looks like another 20 gigabytes of ill-gotten data. The just-dropped “other shoe” includes emails from the cheater-dating website's CEO.
Read the rest

The company is shotgunning DMCA notices against journalists and others who reproduce even the tiniest fraction of the dump of users who signed up to find partners with whom to cheat on their spouses -- included in the dump are thousands of people who paid $15 to have their data permanently deleted from the service. Read the rest

In a statement, Ashley Madison spokesman Anthony Macri (right) said the dump was a criminal act. He didn't mention that the company had kept the data, for reasons unknown, after charging its users to have it permanently deleted.

This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world. We are continuing to fully cooperate with law enforcement to seek to hold the guilty parties accountable to the strictest measures of the law.

The 10GB tranche exposes 37m accounts from a site marketed explicitly at people who wanted to cheat on their partners. It includes names, addresses, emails, card numbers, transactions and other personally-identifying information. Security researcher Brian Krebs says that it's the real deal.

I’ve now spoken with three vouched sources who all have reported finding their information and last four digits of their credit card numbers in the leaked database. Also, it occurs to me that it’s been almost exactly 30 days since the original hack.